[12] RFR 8193859: Allow user provided ObjectInputFilter in SealedObject and SignedObject
Weijun Wang
weijun.wang at oracle.com
Wed Aug 22 06:37:32 UTC 2018
Updated webrev at
http://cr.openjdk.java.net/~weijun/8193859/webrev.02/
Changes:
1) More spec change
- describing the filter in class spec
- mentioning the system filter in existing getObject() methods
- add "@throws InvalidClassException" to all getObject() methods
2) More test cases
- check SecurityException when a security manager is set
- set the system filter to see how existing getObject() works
The 2 tests are very similar but they belong to jdk_security1 and jdk_security2. Therefore I haven't combined them.
Thanks
Max
> On Aug 17, 2018, at 10:56 PM, Weijun Wang <weijun.wang at oracle.com> wrote:
>
> Please take a review at the updated webrev at
>
> http://cr.openjdk.java.net/~weijun/8193859/webrev.01
>
> Changes only in doc, including
>
> 1) The "2018-8-15 updates" in the CSR [1]
>
> 2) formatting
>
> Thanks
> Max
>
> [1] https://bugs.openjdk.java.net/browse/JDK-8193887
>
>> On Aug 14, 2018, at 11:19 PM, Roger Riggs <Roger.Riggs at Oracle.com> wrote:
>>
>> Hi,
>>
>> On 8/14/2018 10:59 AM, Weijun Wang wrote:
>>>
>>> s/initial process-wide filter/system filter/?
>>
>> yes
>>
>> Roger
>>
>>>
>>> --Max
>>>
>>>> [1] 8202675 Replace process-wide terminology in serial filtering to be consistent
>>>>
>>>> Regards, Roger
>>>>
>>>
>>
>
More information about the security-dev
mailing list